The blowfishECB function in core/cipher.cpp in Quassel IRC 0.10.0 allows remote attackers to cause a denial of service (out-of-bounds read) via a malformed string.
http://www.ubuntu.com/usn/USN-2401-1
http://www.debian.org/security/2014/dsa-3068
http://www.debian.org/security/2014/dsa-3063
http://secunia.com/advisories/62261
http://secunia.com/advisories/62035
http://secunia.com/advisories/61932
http://lists.opensuse.org/opensuse-updates/2015-03/msg00068.html
http://lists.opensuse.org/opensuse-updates/2014-11/msg00046.html
http://lists.opensuse.org/opensuse-updates/2014-11/msg00028.html